Oops missed the attachment. On 10/21/05, Ruchith Fernando <[EMAIL PROTECTED]> wrote: > Hi All, > > Dims made some changes recently to enable WSS4J to load the password > callback class from a given class loader. This allowed Axis2 security > module (which is a port of the WSDoAll* handlers) to be able to load > the password callback parameters from the service's class loader. > > Axis2 services have their own classloader and this is different from > the classloader available to the Axis2 module. Therefore we need to > supply the service's classloader to WSS4J to pickup the required > resources and classes. > > Therefore we should also be able to load the other resources such as > crypto.propertes with a custom class loader (the service's classloader > in the case of Axis2), and we may have to load a different Crypto impl > from the Axis2 service archive. Right now this is not possible since > the CryptoFactory and the default Crypto impl (Merlin) is not capable > of accessing a custom class loader. > > I made some changes and tried it out with Axis2 and it was able to > pickup the resources from the Axis2 service archive. Please have a > look at the attached diff. > > Can we have this option in WSS4J? Or is there a better way to do it? > Thoughts? :-) > > Thanks > -- > Ruchith >
-- Ruchith
Index: src/org/apache/ws/security/components/crypto/AbstractCrypto.java =================================================================== --- src/org/apache/ws/security/components/crypto/AbstractCrypto.java (revision 327095) +++ src/org/apache/ws/security/components/crypto/AbstractCrypto.java (working copy) @@ -1,3 +1,19 @@ +/* + * Copyright 2003-2004 The Apache Software Foundation. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ package org.apache.ws.security.components.crypto; import org.apache.commons.discovery.Resource; @@ -52,6 +68,17 @@ * @param properties */ public AbstractCrypto(Properties properties) throws CredentialException, IOException { + this(properties,AbstractCrypto.class.getClassLoader()); + } + + /** + * This allows providing a custom class loader to load the resources, etc + * @param properties + * @param loader + * @throws CredentialException + * @throws IOException + */ + public AbstractCrypto(Properties properties, ClassLoader loader) throws CredentialException, IOException { /* * if no properties .. just return an instance, the rest will be * done later or this instance is just used to handle certificate @@ -69,7 +96,7 @@ */ DiscoverResources disc = new DiscoverResources(); disc.addClassLoader(JDKHooks.getJDKHooks().getThreadContextClassLoader()); - disc.addClassLoader(this.getClass().getClassLoader()); + disc.addClassLoader(loader); ResourceIterator iterator = disc.findResources(location); if (iterator.hasNext()) { Resource resource = iterator.nextResource(); @@ -97,6 +124,7 @@ } } + /** * Singleton certificate factory for this Crypto instance. * <p/> Index: src/org/apache/ws/security/components/crypto/Merlin.java =================================================================== --- src/org/apache/ws/security/components/crypto/Merlin.java (revision 327095) +++ src/org/apache/ws/security/components/crypto/Merlin.java (working copy) @@ -56,6 +56,10 @@ public Merlin(Properties properties) throws CredentialException, IOException { super(properties); } + + public Merlin(Properties properties, ClassLoader loader) throws CredentialException, IOException { + super(properties,loader); + } /** * Construct an array of X509Certificate's from the byte array. Index: src/org/apache/ws/security/components/crypto/CryptoFactory.java =================================================================== --- src/org/apache/ws/security/components/crypto/CryptoFactory.java (revision 327095) +++ src/org/apache/ws/security/components/crypto/CryptoFactory.java (working copy) @@ -99,22 +99,47 @@ defaultCryptoClassName); } return loadClass(cryptoClassName, properties); + } + + public static Crypto getInstance(String propFilename, ClassLoader customClassLoader) { + Properties properties = null; + String cryptoClassName = null; + + // cryptoClassName = System.getProperty("org.apache.ws.security.crypto.provider"); + if ((cryptoClassName == null) || (cryptoClassName.length() == 0)) { + properties = getProperties(propFilename,customClassLoader); + // use the default Crypto implementation + cryptoClassName = properties.getProperty("org.apache.ws.security.crypto.provider", + defaultCryptoClassName); + } + return loadClass(cryptoClassName, properties,customClassLoader); } private static Crypto loadClass(String cryptoClassName, Properties properties) { + return loadClass(cryptoClassName,properties,CryptoFactory.class.getClassLoader()); + } + + /** + * This allows loading the classes with a custom class loader + * @param cryptoClassName + * @param properties + * @param loader + * @return + */ + private static Crypto loadClass(String cryptoClassName, Properties properties, ClassLoader loader) { Class cryptogenClass = null; Crypto crypto = null; try { // instruct the class loader to load the crypto implementation - cryptogenClass = Loader.loadClass(cryptoClassName); + cryptogenClass = Loader.loadClass(loader, cryptoClassName); } catch (ClassNotFoundException e) { throw new RuntimeException(cryptoClassName + " Not Found"); } log.debug("Using Crypto Engine [" + cryptoClassName + "]"); try { - Class[] classes = new Class[]{Properties.class}; + Class[] classes = new Class[]{Properties.class,ClassLoader.class}; Constructor c = cryptogenClass.getConstructor(classes); - crypto = (Crypto) c.newInstance(new Object[]{properties}); + crypto = (Crypto) c.newInstance(new Object[]{properties,loader}); return crypto; } catch (java.lang.Exception e) { e.printStackTrace(); @@ -130,7 +155,6 @@ throw new RuntimeException(cryptoClassName + " cannot create instance"); } } - /** * Gets the properties for crypto. * The functions loads the property file via @@ -141,9 +165,20 @@ * @return a <code>Properties</code> object loaded from the filename */ private static Properties getProperties(String propFilename) { + return getProperties(propFilename, CryptoFactory.class.getClassLoader()); + } + + + /** + * This allows loading the resources with a custom class loader + * @param propFilename + * @param loader + * @return + */ + private static Properties getProperties(String propFilename, ClassLoader loader) { Properties properties = new Properties(); try { - URL url = Loader.getResource(propFilename); + URL url = Loader.getResource(loader, propFilename); properties.load(url.openStream()); } catch (Exception e) { log.debug("Cannot find crypto property file: " + propFilename); @@ -152,5 +187,6 @@ } return properties; } + } Index: src/org/apache/ws/security/util/Loader.java =================================================================== --- src/org/apache/ws/security/util/Loader.java (revision 327095) +++ src/org/apache/ws/security/util/Loader.java (working copy) @@ -75,8 +75,34 @@ log.debug("Trying to find [" + resource + "] using ClassLoader.getSystemResource()."); return ClassLoader.getSystemResource(resource); } + /** + * Try to get the resource with the specified class loader + * <p/> + * + * @param cl + * @param clazz + * @return Class + * @throws ClassNotFoundException + */ + static public URL getResource(ClassLoader loader, String resource) throws ClassNotFoundException { + URL url = null; + try { + if (loader != null) { + log.debug("Trying to find [" + resource + "] using " + loader + " class loader."); + url = loader.getResource(resource); + if (url != null) { + return url; + } + } + } catch (Throwable t) { + log.warn("Caught Exception while in Loader.getResource. This may be innocuous.", t); + } + return getResource(resource); + } + + /** * Get the Thread context class loader. * <p/> * Index: src/org/apache/ws/security/handler/WSHandler.java =================================================================== --- src/org/apache/ws/security/handler/WSHandler.java (revision 327095) +++ src/org/apache/ws/security/handler/WSHandler.java (working copy) @@ -33,20 +33,20 @@ import org.apache.ws.security.util.WSSecurityUtil; import org.apache.ws.security.util.XmlSchemaDateFormat; import org.w3c.dom.Document; -//import org.apache.axis.MessageContext; -import javax.security.auth.callback.Callback; -import javax.security.auth.callback.CallbackHandler; import java.math.BigInteger; import java.security.cert.X509Certificate; import java.text.DateFormat; import java.util.Arrays; import java.util.Calendar; +import java.util.Date; import java.util.Hashtable; import java.util.Vector; -import java.util.Date; +import javax.security.auth.callback.Callback; +import javax.security.auth.callback.CallbackHandler; + /** * Extracted from WSDoAllReceiver and WSDoAllSender * @@ -320,7 +320,7 @@ reqData.getMsgContext()); if (sigPropFile != null) { if ((crypto = (Crypto) cryptos.get(sigPropFile)) == null) { - crypto = CryptoFactory.getInstance(sigPropFile); + crypto = CryptoFactory.getInstance(sigPropFile, this.getClassLoader()); cryptos.put(sigPropFile, crypto); } } else { @@ -345,7 +345,7 @@ reqData.getMsgContext()); if (encPropFile != null) { if ((crypto = (Crypto) cryptos.get(encPropFile)) == null) { - crypto = CryptoFactory.getInstance(encPropFile); + crypto = CryptoFactory.getInstance(encPropFile, this.getClassLoader()); cryptos.put(encPropFile, crypto); } } else if ((crypto = reqData.getSigCrypto()) == null) { @@ -711,7 +711,7 @@ reqData.getMsgContext()); if (decPropFile != null) { if ((crypto = (Crypto) cryptos.get(decPropFile)) == null) { - crypto = CryptoFactory.getInstance(decPropFile); + crypto = CryptoFactory.getInstance(decPropFile, this.getClassLoader()); cryptos.put(decPropFile, crypto); } } else if ((crypto = reqData.getSigCrypto()) == null) {
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
